<?php
    include('../init.php');
    
    foreach($_POST as $k=>$v){
        $$k = $v;
    }
    
    $q_email = $db->queryUniqueValue("SELECT m_email FROM hs_member WHERE m_id={$_SESSION['m_id']} AND m_password = md5('$o_password')");
    
    if($q_email!=NULL){
        if($n_password!=''){
            $n_password_sql = 'm_password="'.md5($n_password).'",';
        }
        $time_ = time();
        $sql = <<<sql
            UPDATE hs_member SET 
                m_name='$f_name',
                m_lastname='$l_name',
                m_company='$c_name',
                m_position='$position',
                m_phone='$phone',
                m_url='$url',
                m_address='$address',
                m_city='$city',
                m_postcode='$post_code',
                m_state='$state',
                m_country='$country',
                m_knowhow='$know',
                {$n_password_sql}
                m_level='$seccode',
                m_update='$time_',
                m_enews='$newsletter'
                WHERE m_id={$_SESSION['m_id']}
sql;
        $result = $db->query($sql);
        
        if($result){
            $data['status'] = 'success';
            $data['msg'] = $status_msg['update_success'];
        }else{
            $data['status'] = 'fail';
            $data['msg'] = $status_msg['cant_update'];
        }
    }else{
        $data['status'] = 'fail';
        $data['msg'] = $status_msg['passwrong'];
    }
    
    echo json_encode($data);
?>